CNT 4419, Fall 2021
Secure Coding
Announcements
Final grades are posted on Canvas.
Course materials
Schedule (filled in as the semester progresses)
| Week | Dates | Topics | Reading |
|---|---|---|---|
| 1 | 8/23, 8/25 | Introduction, Policies, Mechanisms, Enforcement | Chapter 1 |
| 2 | 8/30, 9/1 | Properties, CIA, Safety | Optional: Enforceable Security Policies |
| 3 | 9/8 | Safety | Class notes |
| 4 | 9/13, 9/15 | Liveness, Unenforceability | Class notes |
| 5 | 9/20, 9/22 | Threats | Chapters 2-3, Appendix A |
| 6 | 9/27, 9/29 | Threats, Tradeoffs, Secure design | Class notes |
| 7 | 10/4, 10/6 | Access control, Buffer overflows | Chapters 5-6 |
| 8 | 10/11, 10/13 | Buffer overflows | Class notes |
| 9 | 10/18, 10/20 | Format-string and integer-overflow attacks, Networking and communications | Class notes |
| 10 | 10/25, 10/27 | Protocols, DoS, Firewalls, IDSs, Web applications | Class notes |
| 11 | 11/1, 11/3 | Client-state manipulation, CSRFs | Chapter 7 |
| 12 | 11/8, 11/10 | CSRFs, Databases, Information management, SQL | Class notes |
| 13 | 11/15, 11/17 | SQL, SQL-injection attacks | Chapter 8 |
| 14 | 11/22 | SQL-injection attacks, XSS | Class notes |
| 15 | 11/29, 12/1 | Cryptography, Password management | Class notes |